public void ExtractClaimUid_ClaimsIdentity() { // Arrange Mock <IIdentity> mockIdentity = new Mock <IIdentity>(); mockIdentity.Setup(o => o.IsAuthenticated).Returns(true); MockAntiForgeryConfig config = new MockAntiForgeryConfig() { UniqueClaimTypeIdentifier = "unique-identifier" }; ClaimsIdentityConverter converter = new ClaimsIdentityConverter(new Func <IIdentity, ClaimsIdentity>[] { identity => { Assert.Equal(mockIdentity.Object, identity); MockClaimsIdentity claimsIdentity = new MockClaimsIdentity(); claimsIdentity.AddClaim("unique-identifier", "some-value"); return(claimsIdentity); } }); ClaimUidExtractor extractor = new ClaimUidExtractor( config: config, claimsIdentityConverter: converter); // Act BinaryBlob retVal = extractor.ExtractClaimUid(mockIdentity.Object); // Assert Assert.NotNull(retVal); Assert.Equal("CA9CCFF86F903FBB7505BAAA9F222E49EC2A1E8FAD630AE73DE180BD679751ED", HexUtil.HexEncode(retVal.GetData())); }
private static AntiForgeryWorker CreateSingletonAntiForgeryWorker() { IAntiForgeryConfig config = new AntiForgeryConfigWrapper(); IAntiForgeryTokenSerializer serializer = new AntiForgeryTokenSerializer(MachineKey45CryptoSystem.Instance); ITokenStore tokenStore = new AntiForgeryTokenStore(config, serializer); IClaimUidExtractor claimUidExtractor = new ClaimUidExtractor(config, ClaimsIdentityConverter.Default); ITokenValidator validator = new TokenValidator(config, claimUidExtractor); return(new AntiForgeryWorker(serializer, config, tokenStore, validator)); }
public void ExplicitUniqueClaimType_NotPresent_Throws(object identity) { // Arrange ClaimsIdentity claimsIdentity = (ClaimsIdentity)identity; // Act & assert var ex = Assert.Throws <InvalidOperationException>(() => ClaimUidExtractor.GetUniqueIdentifierParameters(claimsIdentity, "fooClaim")); Assert.Equal(@"A claim of type 'fooClaim' was not present on the provided ClaimsIdentity.", ex.Message); }
public void DefaultUniqueClaimTypes_NotPresent_Throws(object identity) { // Arrange ClaimsIdentity claimsIdentity = (ClaimsIdentity)identity; // Act & assert var ex = Assert.Throws <InvalidOperationException>(() => ClaimUidExtractor.GetUniqueIdentifierParameters(claimsIdentity, null)); Assert.Equal(@"A claim of type 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier' or 'http://schemas.microsoft.com/accesscontrolservice/2010/07/claims/identityprovider' was not present on the provided ClaimsIdentity. To enable anti-forgery token support with claims-based authentication, please verify that the configured claims provider is providing both of these claims on the ClaimsIdentity instances it generates. If the configured claims provider instead uses a different claim type as a unique identifier, it can be configured by setting the static property AntiForgeryConfig.UniqueClaimTypeIdentifier.", ex.Message); }
public void ExtractClaimUid_NullIdentity() { // Arrange ClaimUidExtractor extractor = new ClaimUidExtractor( config: null, claimsIdentityConverter: null); // Act BinaryBlob retVal = extractor.ExtractClaimUid(null); // Assert Assert.Null(retVal); }
public void ExplicitUniqueClaimType_Present() { // Arrange MockClaimsIdentity identity = new MockClaimsIdentity(); identity.AddClaim("fooClaim", "fooClaimValue"); identity.AddClaim(ClaimUidExtractor.NameIdentifierClaimType, "nameIdentifierValue"); identity.AddClaim(ClaimUidExtractor.IdentityProviderClaimType, "identityProviderValue"); // Act var retVal = ClaimUidExtractor.GetUniqueIdentifierParameters(identity, "fooClaim"); // Assert Assert.Equal(new string[] { "fooClaim", "fooClaimValue" }, retVal); }
public void ExtractClaimUid_Unauthenticated() { // Arrange ClaimUidExtractor extractor = new ClaimUidExtractor( config: null, claimsIdentityConverter: null); Mock<IIdentity> mockIdentity = new Mock<IIdentity>(); mockIdentity.Setup(o => o.IsAuthenticated).Returns(false); // Act BinaryBlob retVal = extractor.ExtractClaimUid(mockIdentity.Object); // Assert Assert.Null(retVal); }
public void ExtractClaimUid_Unauthenticated() { // Arrange ClaimUidExtractor extractor = new ClaimUidExtractor( config: null, claimsIdentityConverter: null); Mock <IIdentity> mockIdentity = new Mock <IIdentity>(); mockIdentity.Setup(o => o.IsAuthenticated).Returns(false); // Act BinaryBlob retVal = extractor.ExtractClaimUid(mockIdentity.Object); // Assert Assert.Null(retVal); }
public void ExtractClaimUid_NotAClaimsIdentity() { // Arrange Mock<IIdentity> mockIdentity = new Mock<IIdentity>(); mockIdentity.Setup(o => o.IsAuthenticated).Returns(true); MockAntiForgeryConfig config = new MockAntiForgeryConfig(); ClaimsIdentityConverter converter = new ClaimsIdentityConverter(new Func<IIdentity, ClaimsIdentity>[0]); ClaimUidExtractor extractor = new ClaimUidExtractor( config: config, claimsIdentityConverter: converter); // Act BinaryBlob retVal = extractor.ExtractClaimUid(mockIdentity.Object); // Assert Assert.Null(retVal); }
public void ExtractClaimUid_NotAClaimsIdentity() { // Arrange Mock <IIdentity> mockIdentity = new Mock <IIdentity>(); mockIdentity.Setup(o => o.IsAuthenticated).Returns(true); MockAntiForgeryConfig config = new MockAntiForgeryConfig(); ClaimsIdentityConverter converter = new ClaimsIdentityConverter(new Func <IIdentity, ClaimsIdentity> [0]); ClaimUidExtractor extractor = new ClaimUidExtractor( config: config, claimsIdentityConverter: converter); // Act BinaryBlob retVal = extractor.ExtractClaimUid(mockIdentity.Object); // Assert Assert.Null(retVal); }
public void ExtractClaimUid_ClaimsIdentityHeuristicsSuppressed() { // Arrange GenericIdentity identity = new GenericIdentity("the-user"); MockAntiForgeryConfig config = new MockAntiForgeryConfig() { SuppressIdentityHeuristicChecks = true }; ClaimUidExtractor extractor = new ClaimUidExtractor( config: config, claimsIdentityConverter: null); // Act BinaryBlob retVal = extractor.ExtractClaimUid(identity); // Assert Assert.Null(retVal); }
private static AntiForgeryWorker CreateSingletonAntiForgeryWorker() { // initialize the dependency chain // The 'Instance' property can return null, in which case we should fall back to using // the 4.0 crypto code paths. We need to use an 'if' block rather than the null coalescing // operator due to a CLR bug (DevDiv #424203). ICryptoSystem cryptoSystem = MachineKey45CryptoSystem.Instance; if (cryptoSystem == null) { cryptoSystem = new MachineKey40CryptoSystem(); } IAntiForgeryConfig config = new AntiForgeryConfigWrapper(); IAntiForgeryTokenSerializer serializer = new AntiForgeryTokenSerializer(cryptoSystem); ITokenStore tokenStore = new AntiForgeryTokenStore(config, serializer); IClaimUidExtractor claimUidExtractor = new ClaimUidExtractor(config, ClaimsIdentityConverter.Default); ITokenValidator tokenValidator = new TokenValidator(config, claimUidExtractor); return(new AntiForgeryWorker(serializer, config, tokenStore, tokenValidator)); }
public void ExtractClaimUid_ClaimsIdentity() { // Arrange Mock<IIdentity> mockIdentity = new Mock<IIdentity>(); mockIdentity.Setup(o => o.IsAuthenticated).Returns(true); MockAntiForgeryConfig config = new MockAntiForgeryConfig() { UniqueClaimTypeIdentifier = "unique-identifier" }; ClaimsIdentityConverter converter = new ClaimsIdentityConverter(new Func<IIdentity, ClaimsIdentity>[] { identity => { Assert.Equal(mockIdentity.Object, identity); MockClaimsIdentity claimsIdentity = new MockClaimsIdentity(); claimsIdentity.AddClaim("unique-identifier", "some-value"); return claimsIdentity; } }); ClaimUidExtractor extractor = new ClaimUidExtractor( config: config, claimsIdentityConverter: converter); // Act BinaryBlob retVal = extractor.ExtractClaimUid(mockIdentity.Object); // Assert Assert.NotNull(retVal); Assert.Equal("CA9CCFF86F903FBB7505BAAA9F222E49EC2A1E8FAD630AE73DE180BD679751ED", HexUtil.HexEncode(retVal.GetData())); }